About the wait times:
I am guessing the wait times are because of the garbage hosting I chose. I had issues with Hostgator last year after upgrading their service and I decided to go with what WordPress suggested (Bluehost). I did not know they were the same company. Since I never got a refund from Hostgator after I canceled the new service 2 weeks into it, I decided to stay with Bluehost until my year is finished because I figured the 300 I gave them would also not be refunded.

I am getting ready to move to inmotionhosting, not sure if this will fix the issue or not. Any advice on that would also be helpful for us to move into the right direction. I am sick of making changes just to inherit more problems than I had before.

You're correct that the hosting is the problem: the extremely long TTFB indicates a poor hosting setup.

Without access to the server configuration, it's nigh on impossible to get to the root cause, and properly set the server up. As I guess this is a not-for-profit, I doubt there's much money to spare, but even something like a $5/mo VPS from Linode - https://www.linode.com/pricing - would probably do you once working.

If staying where you are, the only real way of moving forward is to implement a full page cache, which lessens the load on the server by storing results rather than processing data grabbed from the database, and templates from disk every time. I recommend wp-supercache - it's free! Also, I'd implement 'lazy-loading' - delaying downloading images that aren't visible as they're off the bottom of the screen. I use a plugin called bj lazyload, but it may have disappeared.

With a FPC, the first person hitting the page will still have this problem, but subsequent visitors will be able to use the cached version.

(06-09-2017 02:39 PM)GreenGecko Wrote: You're correct that the hosting is the problem: the extremely long TTFB indicates a poor hosting setup.

I was afraid of that, is inmotionhosting decent?

Currently I am not technical enough to set up a linux Ubuntu server for running the site. I know a little about Ubuntu but mostly in the desktop format. I have set up storage servers in the past that did simple file shares but I feel this might be a bit too much to lock down and do a VPS at the moment.

The prices look good though, I might spin up a VM of Ubuntu and see how hard setting up the site would be. Do you know if I set up my server in house if there is a way to move it to Linode. I could download a VLMK disk and upload it to them if they use ESX but maybe that is too much. I wish I knew more about this stuff.

Other alternatives are to use HTTP/2 like dfavor mentioned above. You could consider concatenating JS and CSS files as well. However, I am not sure if you really control the hosting to be able to make this change.

@dfavor. You've really got this thing with http2 and ssl haven't you. Please explain why these are your (4) most important points when attempting to fix an extremely long TTFB! ( and even more so in this case when most of the heavy lifting is done by Amazon Cloudfront anyway! )

Using 'Apache-2.4.25+ with PHP-7.1.6+ + latest MariaDB (Fast MySQL).' will not fix anything unless they're properly configured, and TBH with this length of TTFB, specific versions of anything will make only minimal differences, only proper server sizing and infrastructure configuration ( in fact MariaDB will only really improve things if you use the InnoDB engine - from Percona - by default, and tune it appropriately ).

If you stick to popular and well supported plugins ( ie they run with the latest versions of WP and have loads of users ) then there's not much chance it'll affect performance significantly. One notable exception to this is wordfence, which doesn't maintain it's data at all, so the only option is to tick the box to delete data on uninstall, then uninstall / install it to recover your lost performance ( unless they've fixed this in the last few months ).

Only then worry about improving performance through using latest versions ( although TBH it's usually far, far more sensible to go with the mainstream versions of the distro in use for improved support ), and ONLY THEN worry about how good your SSL configuration is.

My $0.02.
Just as an aside, a properly tuned database will handle thousands of queries / second without breaking a sweat. Concentrating on this is dropping the ball big time, and once again, the law od diminishing returns is against you.

However, none of these points are relevant if you're on shared hosting, which is what the OP is after.

You are 100% correct on the bad SSL. It came with my host and it is garbage. I was going to go with another host but they do not support the SSL you suggested so I am going to most likely go with A2 hosting as they offer LetsEncrypt as their option. If anything this will be better in the long run as most stock android browsers, older Apple devices report SSL issues with our site and it has bothered me from the start.

There are typically 80 query with 73 selects, 2 each insert, show and delete. The query time is .0662 and server side total page generation is .92 seconds. I am sure my hosting network is at fault as the number from multiple tests shows huge amounts of time changes but yet consistent server times once the wait is over.

I will continue to look through the advice you have given. I am trying to find out why my current host keeps changing my settings to this.
;zend_extension="/opt/php70/lib/php/extensions/no-debug-non-zts-20151012/opcache.so"

I have made this adjustment many times to add it in the past and they seem to void it after a few day of me updating it back to including it.

The hosting I am on is extremely bad, one of the worst I have seen.

Example,

Yesterday I contacted them about my sites php settings, they issued the php.ini for 5.6 when I am on php7. They told me what they were seeing and I said I do not see this. They then told me to FTP into this address they gave me and then gave me the user and password to log in to it. I logged in and noticed that was not my server. I was shocked that they had me login to someone else's web server. Once I said this is not my server and I gave them my server name they transferred me to another tech. Multitasking support tickets is not everyone's strengths

I do not recommend Bluehost to anyone, they are horrible.

Thanks again for your input,
Ross

(06-10-2017 11:40 AM)GreenGecko Wrote: @dfavor. You've really got this thing with http2 and ssl haven't you. Please explain why these are your (4) most important points when attempting to fix an extremely long TTFB! ( and even more so in this case when most of the heavy lifting is done by Amazon Cloudfront anyway! )

Using 'Apache-2.4.25+ with PHP-7.1.6+ + latest MariaDB (Fast MySQL).' will not fix anything unless they're properly configured, and TBH with this length of TTFB, specific versions of anything will make only minimal differences, only proper server sizing and infrastructure configuration ( in fact MariaDB will only really improve things if you use the InnoDB engine - from Percona - by default, and tune it appropriately ).

If you stick to popular and well supported plugins ( ie they run with the latest versions of WP and have loads of users ) then there's not much chance it'll affect performance significantly. One notable exception to this is wordfence, which doesn't maintain it's data at all, so the only option is to tick the box to delete data on uninstall, then uninstall / install it to recover your lost performance ( unless they've fixed this in the last few months ).

Only then worry about improving performance through using latest versions ( although TBH it's usually far, far more sensible to go with the mainstream versions of the distro in use for improved support ), and ONLY THEN worry about how good your SSL configuration is.

My $0.02.
Just as an aside, a properly tuned database will handle thousands of queries / second without breaking a sweat. Concentrating on this is dropping the ball big time, and once again, the law od diminishing returns is against you.

However, none of these points are relevant if you're on shared hosting, which is what the OP is after.

Hi GreenGecko,

dflavor is correct on my SSL, it is a really bad SSL Positive SSL cert that is offered with my hosting.

I tried Wordfence last year and wow, you are 100% correct, very sloppy and problematic. I have since changed to iThemes Security, it seems a lot better. I should look and see if Wordfence still has tables in my db.

Do you have any advice on hosting services. I am leaning towards A2 Hosting at the moment. My Bluehost account is dead in 6 weeks so I am focusing on this while improving TTFB at the moment.

Ross

(06-10-2017 10:07 AM)akshayranganath Wrote: Your webfont is loaded pretty late in the waterfall (req#50). As a simpler alternative, would it be possible to inject loading this from within the HTML <head>?

Other alternatives are to use HTTP/2 like dfavor mentioned above. You could consider concatenating JS and CSS files as well. However, I am not sure if you really control the hosting to be able to make this change.

I am currently on Bluehost and it is garbage, I have ssh but I am moving in a month to another host. I have been reading the stuff from the link you sent me, thanks it is helpful.

OK, you go ahead and centre your efforts on improving ssl. By doing that, you totally ignore the fact that, using the WPT waterfall I provided for you, it adds under half a second to your initial page load, whereas there's 3.8 seconds of server side processing to be addressed: 8 times the delay.

Sure, it makes a difference, but no, it really shouldn't be your top priority.

( Same with the preload stuff: it will make stuff all difference to your TTFB, as it relates to resources loaded after the initial html skeleton )

I am looking at it all but I did just want to say there is a issue with the SSL. It is our number one complaint from our users and they all say the same thing, I can get on your site with my desktop but not my older iPad.

I did find by testing some of the above answers I got that my server is also the issue and if I want to fix it and not move into something expensive I need to break my site apart into sub-folders and install the membership stuff in an isolated install. I can't afford all the cost that go into a VPS or a dedicated server at the moment. Even if I went with Linode I would have to fall in the 20 a month package and it would only be a year or less before I would need more storage. On top of that I feel I would have to hire or find someone that could do the server side securing plus the network stuff because I doubt I could do that on top of what I have to do every month just to make what I am doing work.

Everyone has given valid points and that is why I asked the questions in the first place. I know fixing the SSL will not resolve the issues I am having with speed but it will fix a few of my headaches with the emails I get weekly because of my SSL. I am trying currently to see if Comondo will resolve the issue as I bought the SSL from them.

As of now I am going to re-structure the site to lighten the quires on the front end so the site is faster over all for people browsing the site and deciding if they want to join. After that users will log into the site where the membership is at and with that they will have to deal with a little slower performance until I have the funds to move to something better.

My new page I built in a subdomain and tested performs night and day over the current root domain. By utilizing lazy loading and a few other things from what others have said the new mock up home page loads in 1.12 seconds is a grade A at 87% faster than other tested sites. It does this without having My CDN connected. My biggest gains were lowering my queries the server has to perform. I went from 89Qs to 38Qs just in testing this method out. The membership side will still be a little slow but for now I think I at least have plans to move forward.

I thank you and everyone that responded as it lead me to my next best option.

Ross

(06-17-2017 09:02 AM)GreenGecko Wrote: OK, you go ahead and centre your efforts on improving ssl. By doing that, you totally ignore the fact that, using the WPT waterfall I provided for you, it adds under half a second to your initial page load, whereas there's 3.8 seconds of server side processing to be addressed: 8 times the delay.

Sure, it makes a difference, but no, it really shouldn't be your top priority.

( Same with the preload stuff: it will make stuff all difference to your TTFB, as it relates to resources loaded after the initial html skeleton )

Fixing your cert is trivial. Append the following block to your current cert file ( which only contains the cert, not the intermediate certs that comodo requires ). These are the missing certs, and MUST be added in this order, AFTER the current site cert.

Edit: Looking at the ssl results ( https://www.ssllabs.com/ssltest/analyze....158&latest ) you should be able to get to the site with anything newer than Safari 6 on iOS 6. Anything older than that will continue to be a problem. If you can get specifics on what cannot access this site, it would be helpful. However, you've got to compromise a loss in readership with current practices... there's a fair chance that you'll need to support SSL3 to get them connecting, and as of a year or more ago, that's a real nono.